<?php

class BlogpostController extends AController
{
	
    
    /*
	 * Creates a new model.
	 * If creation is successful, the browser will be redirected to the 'view' page.
	 */
	public function actionCreate()
	{
     if(Yii::app()->user->checkAccess('createBlogPost')) 
     { 
		$model=new Blogpost;

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['Blogpost']))
		{
			$model->attributes=$_POST['Blogpost'];
			if($model->save())
				$this->redirect(array('index','id'=>$model->id));
		}

		$this->render('create',array(
			'model'=>$model,
		));
     }else
            throw new CHttpException(403, 'У вас нет прав для выполнения указанного действия');   
	}

	/**
	 * Updates a particular model.
	 * If update is successful, the browser will be redirected to the 'view' page.
	 * @param integer $id the ID of the model to be updated
	 */
	public function actionUpdate($id)
	{
     if(Yii::app()->user->checkAccess('updateBlogPost')) 
     {  
		$model=$this->loadModel($id);

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['Blogpost']))
		{
			$model->attributes=$_POST['Blogpost'];
			if($model->save())
				$this->redirect(array('index','id'=>$model->id));
		}

		$this->render('update',array(
			'model'=>$model,
		));
      }else
            throw new CHttpException(403, 'У вас нет прав для выполнения указанного действия');  
	}

	/**
	 * Deletes a particular model.
	 * If deletion is successful, the browser will be redirected to the 'admin' page.
	 * @param integer $id the ID of the model to be deleted
	 */
	public function actionDelete($id)
	{
	 if(Yii::app()->user->checkAccess('deleteBlogPost')) 
     {   
		if(Yii::app()->request->isPostRequest)
		{
			// we only allow deletion via POST request
		//	$this->loadModel($id)->delete();
            Blogpost::model()->deleteByPk($id);
            Blogcomment::model()->deleteAllByAttributes(array('post_id'=>$id));  //Удаление всех комментариев, связанных с постом

			// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
			if(!isset($_GET['ajax']))
				$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('index'));
		}
		else
			throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
      }else
            throw new CHttpException(403, 'У вас нет прав для выполнения указанного действия');      
	}



	/**
	 * Manages all models.
	 */
	public function actionIndex()
	{
     if(Yii::app()->user->checkAccess('viewBlogPost')) 
     { 
		$model=new Blogpost('search');
		$model->unsetAttributes();  // clear any default values
		if(isset($_GET['Blogpost']))
			$model->attributes=$_GET['Blogpost'];

		$this->render('index',array(
			'model'=>$model,
		));
      }else
            throw new CHttpException(403, 'У вас нет прав для выполнения указанного действия');  
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * @param integer the ID of the model to be loaded
	 */
	public function loadModel($id)
	{
		$model=Blogpost::model()->findByPk($id);
		if($model===null)
			throw new CHttpException(404,'The requested page does not exist.');
		return $model;
	}

	/**
	 * Performs the AJAX validation.
	 * @param CModel the model to be validated
	 */
	protected function performAjaxValidation($model)
	{
		if(isset($_POST['ajax']) && $_POST['ajax']==='blogpost-form')
		{
			echo CActiveForm::validate($model);
			Yii::app()->end();
		}
	}
}
